Guest post by Ellen T. Berge and Andrew Bigart, Venable LLP The past year was a big one for the payments industry with the introduction of new products, the growth of virtual currencies, and, of course, continued government pressure on payment processors and non-bank entities … Read more
Know Your Customer There’s an acronym we use in the payments industry: KYC. With KYC, which is Know Your Customer, we’re referring to ISOs’ and acquirers’ need to know the type of business each of their merchants conducts. If due diligence for KYC doesn’t take place, … Read more
Question: Are there any self-disclosure requirements based on inaccurate SAQ submissions? For example, if the incorrect SAQ was completed, what steps should be taken to complete the correct SAQ and how long would a company have to resubmit? Answer: This would all come down to … Read more
Here’s a news headline that is currently scaring security executives and causing a few sleepless nights: “NSA Has Hacked 50,000 Computers Globally.” What does this have to do with PCI compliance, you might ask? If the National Security Agency can easily hack into private computer … Read more
In recent years, the annual PCI Community Meetings (both here in the U.S. and abroad) have served as an important forum for discussing and gaining a stronger understanding of payment data security best practices and requirements. With the planned release of version 3.0 of both … Read more
The PCI Mobile Payment Acceptance Security Guidelines for Merchants as End-Users was designed to create awareness of challenges in and best practices for accepting payments with a mobile device. The following are three key takeaways from the document: General-purpose mobile devices (i.e., smartphones, tablets, etc.) are designed … Read more